Jekyll2017-04-01T23:33:36+05:30http://smattoo.github.io//Sagar Mattoohttp://smattoo.github.io//mattoo.sagar@gmail.comhttp://smattoo.github.io//tfs/2017/03/27/workaround-proxy-authentication-issue-azure-powershell-build-task-for-tfs-20152017-03-27T00:00:00+05:302017-03-27T00:00:00+05:30Sagar Mattoohttp://smattoo.github.io/mattoo.sagar@gmail.com
<h2 id="issue-">Issue:-(</h2>
<p>We had been working on setting up a Microsoft Azure PowerShell task on on-Premise TFS 2015 server, however the a NTML proxy sever on the network stood as a wall:-( not allowing the initial handshake between the task and the Azure Subscription.</p>
<p>Basically, Azure PowerShell build task tries to run <strong>Add-AzureRmAccount</strong> cmdlet which makes a call out to Azure to add an authenticated account to be used for Azure cmdlets and this is where it gets blocked by the proxy. This happens much before entering the custom script passed to the task as parameter.</p>
<h2 id="options-tried-">Options Tried:-(</h2>
<p>Tried some initial options like, but didn’t work:-(</p>
<p>Passing the default credentials by adding this <code class="highlighter-rouge">[System.Net.WebRequest]::DefaultWebProxy.Credentials =
[System.Net.CredentialCache]::DefaultCredentials</code> to the custom PowerShell script that the task runs</p>
<p>Passing the proxy credentials through powershell.exe.config.</p>
<h2 id="workaround-">Workaround:-)</h2>
<p>Finally, had to go to the basics, we switched to simple PowerShell task instead of Azure PowerShell for doing the initial handshake and passing the default credentials to the proxy. Below is the code snippet we added to our PowerShell scripts(you would need to pass TenantId, ApplicationId, ServicePrincipleKey as params to the script):</p>
<div class="highlighter-rouge"><pre class="highlight"><code>[System.Net.WebRequest]::DefaultWebProxy.Credentials = [System.Net.CredentialCache]::DefaultCredentials
$SecureKey = ConvertTo-SecureString $ServicePricipalKey -AsPlainText -Force
$secureCredential = New-Object System.Management.Automation.PSCredential($ApplicationId, $SecureKey)
Add-AzureRmAccount -ServicePrincipal -Tenant $TenantId -Credential $secureCredential
</code></pre>
</div>
<p><a href="http://smattoo.github.io//tfs/2017/03/27/workaround-proxy-authentication-issue-azure-powershell-build-task-for-tfs-2015/">Workaround: Proxy authentication issue Azure PowerShell build task for TFS 2015</a> was originally published by Sagar Mattoo at <a href="http://smattoo.github.io/"></a> on March 27, 2017.</p>http://smattoo.github.io//vpn/2017/03/24/azure-open-vpn-arm-template2017-03-24T00:00:00+05:302017-03-24T00:00:00+05:30Sagar Mattoohttp://smattoo.github.io/mattoo.sagar@gmail.com
<p>Want to access the Internet safely and securely by-passing the proxy servers, here’s an Azure ARM template to setup an OpenVPN server within couple of minutes.</p>
<p><strong>Prerequisites</strong></p>
<ul>
<li>Microsoft Azure Subscription with some credits:-)</li>
</ul>
<p><strong>Clients</strong></p>
<ul>
<li>Tested for <a href="https://openvpn.net/index.php/open-source/downloads.html" title="OpenVPN client download">OpenVPN 2.4.1 and 2.3.14</a> clients on Windows 8.1 and above.</li>
</ul>
<p><a href="https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fsmattoo%2Fopenvpn-azure-arm-template%2Fmaster%2Fopenvpn-azuredeploy.json" target="_blank">
<img src="http://azuredeploy.net/deploybutton.png" />
</a>
<a href="http://armviz.io/#/?load=https%3A%2F%2Fraw.githubusercontent.com%2Fsmattoo%2Fopenvpn-azure-arm-template%2Fmaster%2Fopenvpn-azuredeploy.json" target="_blank">
<img src="http://armviz.io/visualizebutton.png" />
</a></p>
<p><strong>Github:</strong> <a href="https://github.com/smattoo/openvpn-azure-arm-template" title="GitHub link">source</a></p>
<p>The template provisions an Ubuntu 16.04 vm and sets up the OpenVPN server. Post deployment of the template, you just need to download the <strong>.ovnpn</strong> configuration file and pass the same to the OpenVPN client running on your machine.</p>
<p>That’s it you now have established a private tunnel to access the internet.</p>
<p><a href="http://smattoo.github.io//vpn/2017/03/24/azure-open-vpn-arm-template/">Azure OpenVPN ARM template</a> was originally published by Sagar Mattoo at <a href="http://smattoo.github.io/"></a> on March 24, 2017.</p>